How to Check SSL Certificates in Your Browser
Step-by-step guide to viewing SSL certificate details in every major browser. Check expiry dates, certificate chain, and issuer without leaving your browser.
You don't need to install anything or open a terminal to check an SSL certificate. Every major browser lets you inspect certificate details right from the address bar. Here's exactly how to do it in Chrome, Firefox, Edge, and Safari -- plus what to look for once you're there.
How to Check SSL in Google Chrome
Chrome is the most popular browser, and Google has changed the certificate inspection flow a few times. Here's the current way (Chrome 120+).
Click the site information icon
To the left of the URL in the address bar, click the tune/slider icon (it replaced the padlock in recent Chrome versions). On older Chrome versions, this is still a padlock icon.
Click 'Connection is secure'
A dropdown appears showing the connection status. Click "Connection is secure" to expand the security details.
Click 'Certificate is valid'
This opens Chrome's certificate viewer. You'll see three tabs: General, Details, and Certification Path.
Review the certificate details
The General tab shows the issuer, validity dates (Issued On / Expires On), and the subject. The Details tab shows every certificate field including SANs, key usage, and signature algorithm. The Certification Path tab shows the full chain from root CA to leaf certificate.
Chrome DevTools shortcut
You can also check SSL details through DevTools: press F12, go to the Security tab, and click "View certificate." This gives you the same certificate viewer plus information about the TLS connection (protocol version, cipher suite, key exchange).
How to Check SSL in Mozilla Firefox
Firefox has its own certificate viewer that's actually more informative than Chrome's for quick checks.
Click the padlock icon
Firefox still uses a padlock icon to the left of the URL. Click it.
Click 'Connection secure'
You'll see a brief summary. Click "Connection secure" to expand.
Click 'More Information'
This opens Firefox's Page Info window with a Security tab selected.
Click 'View Certificate'
Firefox opens a new tab with a detailed certificate view. This is one of the best browser certificate viewers -- it shows the certificate, any intermediates, and the root CA in a tabbed layout at the top.
Firefox's certificate viewer is particularly good at showing the full certificate chain. Each certificate in the chain gets its own tab, and you can quickly see if an intermediate is missing or if the chain is unexpectedly long.
Bonus: Firefox also shows Certificate Transparency (CT) information, including the Signed Certificate Timestamps (SCTs). This is useful for verifying that the certificate was logged to public CT logs as required.
How to Check SSL in Microsoft Edge
Edge is Chromium-based, so the process is nearly identical to Chrome.
Click the padlock icon
Edge still shows a padlock icon in the address bar. Click it.
Click 'Connection is secure'
Same as Chrome -- expand the security details.
Click the certificate icon
Click "Certificate is valid" to open the certificate viewer. Edge uses the Windows certificate viewer on Windows, which looks different from Chrome's built-in viewer but shows the same information.
Check the Details and Certification Path tabs
The Details tab lists every field. The Certification Path tab shows the chain with a status for each certificate (whether it's valid or has issues).
On Windows, Edge opens the native Windows certificate dialog, which includes a "Copy to File" button if you need to export the certificate for analysis with other tools.
How to Check SSL in Safari (macOS)
Safari's certificate inspection is a bit more buried than the other browsers.
Click the padlock icon
In the address bar, click the padlock icon. If you don't see a padlock, the site either doesn't have SSL or Safari is using its compact address bar mode.
Click 'Show Certificate'
A dialog appears with a summary of the certificate, including the issuer and expiry date.
Expand the details
Click the "Details" disclosure triangle to see the full certificate fields: serial number, signature algorithm, validity period, public key info, and extensions.
Safari on iOS
On iPhone and iPad, there's no built-in way to view full certificate details in Safari. You can see whether a connection is secure (the padlock in the address bar), but to inspect the actual certificate, you'll need to use an online SSL checker tool or a dedicated app.
Your browser checks the present. Monitoring checks the future.
Get alerts before your certificates expire -- not after your visitors see errors.
What to Look For in the Certificate Viewer
Once you've opened the certificate in any browser, here's what to check:
Expiry Date
The most critical field. Look for "Not After," "Expires On," or "Valid To." If the date is in the past, the certificate is expired. If it's within 30 days, it's time to renew.
Subject and Subject Alternative Names (SANs)
The Subject field shows the primary domain. The SANs field (under Extensions or Details) lists every domain the certificate covers. If you're getting a name mismatch error, the domain you're visiting probably isn't in the SANs list.
Issuer
Who issued the certificate. Common issuers include Let's Encrypt, DigiCert, Sectigo, GoDaddy, and Google Trust Services. If you see "self-signed" or an issuer you don't recognize, the certificate may not be publicly trusted.
Certificate Chain (Certification Path)
A valid certificate chain goes from the leaf certificate (your domain) through one or more intermediates to a trusted root CA. If the chain is broken (missing intermediate), some browsers will still work (they can fetch the missing intermediate) while others won't. This is a common source of "works on my machine" SSL problems.
Signature Algorithm
Should be SHA-256 with RSA (sha256WithRSAEncryption) or ECDSA. SHA-1 certificates have been deprecated since 2017. If you see SHA-1, the certificate needs to be replaced immediately.
DV vs. OV vs. EV: What You'll See in the Browser
The type of SSL certificate affects what browsers display:
| Certificate Type | Validation Level | Browser Display | Typical Use |
|---|---|---|---|
| Domain Validated (DV) | Domain ownership only | Padlock icon, no organization name | Personal sites, blogs, small apps |
| Organization Validated (OV) | Domain + business verified | Padlock icon, organization visible in certificate details | Business websites, SaaS apps |
| Extended Validation (EV) | Domain + thorough business verification | Padlock icon, organization name in certificate details (no longer in address bar) | Banks, financial services, enterprise |
A few years ago, EV certificates showed the company name in a green address bar. Browsers removed this in 2019-2020. Now all valid certificates look the same in the address bar -- just a padlock. You can only see the organization name by opening the certificate details.
This means from a user-facing perspective, a free Let's Encrypt DV certificate looks identical to a $500 EV certificate in the browser chrome. The difference is only visible when you inspect the certificate.
The Limitation of Browser Checks
Checking SSL certificates in the browser is great for answering "is this certificate valid right now?" It's useless for answering "will this certificate be valid next week?"
Browser inspection is reactive. You're checking after the fact, usually because something went wrong or someone asked. For production websites, you need something that checks proactively and alerts you before expiry.
Think of browser certificate inspection as a diagnostic tool, not a monitoring strategy. Use it when you need to debug a specific issue. Use monitoring for everything else.
Related Articles
Every browser has a certificate viewer. The trick is checking before your users do.
Never miss an SSL certificate expiry
Monitor your certificates and get alerts before they expire. Free for up to 3 certificates.